|
From: Parthasarathi K. <par...@ya...> - 2012-08-07 04:01:18
|
If the rule file contains SecAuditLog and provides the file name and there is no SecAuditLogStorageDir( it is not mandatory) , it creates audit.log as the directory instead of creating that as the index file. SecRuleEngine On SecAuditEngine On SecAuditLogType concurrent SecAuditLog audit.log SecAuditLogParts ABCFHZ The behaviour is different when SecAuditLog ./audit.log. The issue is with file_dirname(msr->mp, "audit.log")function. it returns "audit.log", where as file_dirname(msr->mp, "./audit.log" ) correctly returns "." as the directory. Should not it return "." even on file_dirname(msr->mp, "audit.log") ? Thanks Partha |
